Fuzz: continuous fuzzing daemon + corpus + CI regression

[thepastaclaw]

Continuous Fuzzing Infrastructure + CI Integration

Final phase of the fuzzing epic (#108). Three deliverables:

1. Continuous fuzzing daemon on Guix VM

• Script that cycles through all fuzz targets with multi-hour runs
• Persistent corpus storage per target (~/fuzz_corpus/<target>/)
• Crash detection + automatic reporting (save artifacts, log details)
• Runs when VM is idle (not during Guix builds)

2. Corpus development

• Seed corpus from testnet/mainnet real data (serialized txs, blocks, quorum snapshots, BLS sigs, governance objects)
• Export script to extract real-world data into fuzzer-consumable format
• Store in dashpay/qa-assets or equivalent repo

3. CI integration

• Run corpus as regression tests on every PR
• Fast: just replays known inputs against fuzz targets (no long campaigns)
• Catches regressions in seconds
• Add to existing CI workflow

Parent epic: #108

[thepastaclaw]

Starting work on the three deliverables:

1. Continuous fuzzing daemon — bash script for the Guix VM that cycles through all fuzz targets with persistent corpus
2. CI regression workflow — GitHub Actions workflow that runs existing corpus against fuzz targets on every PR
3. Seed corpus management — script to extract real-world data and package corpus for CI

Current state:

• VM has fuzz binary at ~/dash/src/test/fuzz/fuzz (155 targets compiled, including bls_operations and bls_ies)
• 57MB corpus across 80 target directories in /tmp/fuzz_corpus/
• CI already builds fuzz targets (linux64_fuzz) but has NO test step for them
• Bitcoin's qa-assets provides corpus for inherited targets; Dash-specific targets need their own seeds

[thepastaclaw]

Done. Deliverables:

1. CI Fuzz Regression: PR ci: add fuzz regression testing and continuous fuzzing infrastructure dashpay/dash#7173 — adds test-fuzz.yml workflow that runs corpus regression on every PR after the existing fuzz build. Uses bitcoin-core/qa-assets + synthetic Dash seeds.

2. Continuous Fuzzing Daemon: contrib/fuzz/continuous_fuzz_daemon.sh — deployed and running on Guix VM (155 targets, 5min/target, persistent corpus at ~/fuzz_corpus/). Includes systemd service file.

3. Seed Corpus Tools: contrib/fuzz/seed_corpus_from_chain.py — extracts real-world data from running Dash node via RPC, plus --synthetic-only mode for CI. Generates seeds for 16 Dash-specific targets.

VM status: daemon running now (PID 2447990), 75MB corpus across 82 target directories, zero crashes in prior campaigns (except the CQuorumSnapshot bug already fixed in #7162).